General

  • Target

    36555ac6a89890b5fc6d1dfc654b1111.bin

  • Size

    48KB

  • Sample

    230918-bywc4agc82

  • MD5

    a758f6421f4e6917683d91da5d5adb06

  • SHA1

    692cfbe633f80316a86b5b63d143633f5e71cea6

  • SHA256

    27607d4cc987406531beda4761a4d002a2371d0e636df42c7b31112b5002dbfc

  • SHA512

    e6a7f34421c10c0644dc22f1d4faf911d2b2e1732b58d53ef126b743216efbc2bd8c750e403fea840ca41edfe5f3a09926dce4951860cffe98b5ac484e04613b

  • SSDEEP

    1536:SEWXn821nZIZgK06cZJ7IfsVGnGTQq+JVvLHLK:c83ZgN6cZC4Gny6NLK

Score
10/10

Targets

    • Target

      68e2b5037fc0028c977a8d65cd42627fa7d52353371870239eec76f9a88b30dd.elf

    • Size

      113KB

    • MD5

      36555ac6a89890b5fc6d1dfc654b1111

    • SHA1

      b46f7130ba49ca18cf98432faf90a4e45e7ec89c

    • SHA256

      68e2b5037fc0028c977a8d65cd42627fa7d52353371870239eec76f9a88b30dd

    • SHA512

      f43fdf84784fd93e1c62adb3b0929c9c312b51b620312ad234c42d6ef4d94946861c5bde336fcf7e64bdde20fa50d40356b1e78351032ad50cc7c36810f6d62a

    • SSDEEP

      3072:kiry859a2ADJf9wHYqbgFFo8+HeA6+TRCm7FnVqfJXFWbNb:T9a2aLqkrM1sm7FnVqfJXFWbNb

    Score
    7/10
    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from the /proc virtual filesystem.
